The invention relates to the field of telecommunications and computer engineering, and more particularly, to cryptographic methods and devices intended to encrypt messages (data).
Used in the description of the claimed method, as taken in the aggregate of its features, are the following concepts.
By xe2x80x9csecret keyxe2x80x9d we shall mean a binary information that is only known to the authorized user.
By xe2x80x9ccipherxe2x80x9d we shall mean the combination of elementary steps of the process of input data conversion using the secret key, which is implementable either in the form of a computer program or as a separate unit.
xe2x80x9cEncryptionxe2x80x9d is the process of digital information conversion under control of the secret key, allowing to transform the source data into a ciphered text represented by a pseudorandom sequence of characters such that it is practically impossible to derive any information therefrom without being acquainted with the key.
xe2x80x9cDecryptionxe2x80x9d is the process reverse of that of encryption which permits to recover the information according to the cryptogram provided that the operator is aware of the encryption key.
By xe2x80x9cbinary vectorxe2x80x9d is generally meant a certain sequence of on- and off-bits, e.g. that corresponding to the hum noise or to the spurious signals present in the communication link; in the present Application, the binary vector signifies a train of ordered bits not interpreted by the acceptor (receiver) of data as a desired signal or as the information.
xe2x80x9cPseudorandom law of forming binary vectorsxe2x80x9d represents a predetermined rule of generation of an extended sequence of bits on the basis of an initial parameter and of subdividing said sequence into elements of necessary size; it is possible to use, as such as initial parameter, the secret key or a randomly chosen number; if its value is unknown, the output sequence will be in fact indistinguishable from randomly generated signals.
xe2x80x9cCryptanalysisxe2x80x9d is the technique of calculating the secret key in order to have an unauthorized access to the encrypted information or the elaboration of a method allowing to access to such an information without having to calculate the secret key.
xe2x80x9cCryptographic resistancexe2x80x9d constitutes the measure of the reliability of data protection and represents the labour intensity given in terms of the number of elementary operations to be executed in order to recover the information according to the cryptogram in conditions where the operator is acquainted with the conversion algorithm and not with the secret key.
Known are various methods of block encryption of data: see e.g. the cipher RC5 [R. Rivest, The RC5 Encryption Algorithm, Fast Software Encryption, Second International Workshop Proceedings (Leuven, Belgium, Dec. 14-16, 1994), Lecture Notes in Computer Science, v. 1008, Springer-Verlag, 1995, pp.86-96]. In accordance with this conventional method, the encryption of data blocks is performed by forming a secret key, then subdividing the data block to be converted into subblocks and alternately alterating these latter by means of cyclic shift operations, and finally, taking a modulo 2 sum and a modulo 232 sum on the current block. This block method ensures a high encryption rate in case of implementation of the cipher in the form of a computer program.
However, it doesn""t show sufficient resistance to the differential and linear cryptanalysis [Kaliski B. S., Yin Y. L. On Diferential and Linear Cryptanalysis of the RC5 Encryption Algorithm. Advances In Cryptologyxe2x80x94CRYPTO""95 Proc., Springer-Verlag, 1995, pp. 171-184] owing to the fact that with such a cryptanalytic technique, the attacker has the possibility to encrypt specially selected original texts.
One may consider as the method closest, as to its technical essence, to the claimed method of block encryption, that described in the US Standard DES [National Bureau of Standards, Data Encryption Standard. Federal Information Processing Standards Publication 46, January 1977]. This method comprises the steps of forming a secret key of a certain length, dividing the input information presented in the form of a binary code into elements 64 bits long, generating, on the basis of these latter, 64-bit data blocks, and converting said blocks under control of the secret key. Prior to the conversion, each data block is divided into two 32-bit subblocks L and R which are then alternately treated during 16 similar rounds of conversion. A single conversion round consists in operations of substitution, permutation and taking a modulo 2 sum made on the subblock R. Each round is terminated in the permutation of the subblocks R and L. The above-described method of block encryption of information gives high conversion rates in case of implementation in the form of specialized electronic circuits.
Unfortunately, it suffers from the drawback consisting in that when using this method, it becomes possible to efficiently apply various cryptanalytic techniques based upon specially selected input blocks of the initial text. This disadvantage is due to the fact that in such a cryptanalysis, the analyst becomes capable of selecting initial input texts whose encryption is accompanied with the exhibition of the statistic properties of the encryption algorithm.
Therefore, the objective of the invention is to provide a method of encrypting binary coded information according to which the conversion of input data is performed so as to allow, with a given fixed secret key, to convert the initial text into a ciphered text whose structure would not be predetermined, thus rendering more difficult the detection of the statistic properties of the encryption algorithm and consequently, improving the resistance to the cryptanalysis made on the basis of selected original texts.
The above problem is solved by providing a method of encrypting binary coded information comprising the steps of forming a secret key, working out Kxe2x89xa7data blocks containing Pxe2x89xa71 elements of the binary information code, and converting the data blocks under control of the secret key, characterized in that Dxe2x89xa71 binary vectors are additionally generated and that the data blocks are worked out by linking the binary vectors to the corresponding elements of the binary information code.
With such a solution, the configuration of the blocks of encrypted text depends not only upon the secret key and the structure of elements of binary information code, but also upon the structure of the binary vectors, resulting in that said configuration of the blocks of encrypted text is not longer predetermined for a given initial text and the adopted secret key. In consequence, it becomes more difficult to reveal the statistic properties of the encryption algorithm, thereby leading to an increase in the resistance to cryptanalysis performed on the basis of selected source texts.
Another novel feature of the invention consists in that these vectors are generated at random. This allows to obtain a random modification of a block of encrypted text, thus improving the resistance to cryptanalyses made according to known methods.
Still another feature consists in that the binary vectors are generated at pseudorandom, thus giving possibility to implement the claimed method on PC by means of software without having to use additional electronic circuits for generating random numbers.
Yet another novel feature consists in that the binary vectors are linked to the corresponding elements of the binary information code based on the secret key. This solution ensures an increase in the resistance of the encryption system due to the introduction of a supplementary uncertainty in the procedures of working out data blocks.